
Re: [Full-Disclosure] Microsoft urging users to buy Hardware Firewalls



On Wed, 13 Aug 2003 20:04:47 EDT, "Richard M. Smith" <rms@computerbytesman.com>  said:

> Windows directory from being accessed from the Internet.  My only
> question is why aren't NAT routers built into all cable and DSL modems.

Because NAT is *not* a be-all and end-all.  NAT *does* break things.

You can't easily do IPSec through a NAT (meaning you need to do some tap-dancing
if you want to VPN from one).

NAT breaks a lot of end-to-end stuff - for instance, if you have a NAT, it's *REALLY*
hard to have 2 different machines running servers on the same port.

http://www.ietf.org/rfc/rfc3027.txt?number=3027 for all the gory details

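The two breakages named in the message above can be modelled in a few lines. This is an added example, not part of the original post: it uses a simplified model of IPsec AH (an HMAC covering the IP addresses and payload) and a hypothetical `PortForwardTable` class, with constructed addresses from the documentation ranges and a constructed key.

```python
import hashlib
import hmac
import ipaddress

def ah_icv(key, src, dst, payload):
    # Simplified model of IPsec AH: the integrity value covers the IP
    # source and destination addresses as well as the payload.
    covered = (ipaddress.ip_address(src).packed
               + ipaddress.ip_address(dst).packed + payload)
    return hmac.new(key, covered, hashlib.sha256).digest()[:16]

def receiver_accepts(key, pkt):
    expected = ah_icv(key, pkt["src"], pkt["dst"], pkt["payload"])
    return hmac.compare_digest(expected, pkt["icv"])

def nat_outbound(pkt, public_ip):
    # The NAT rewrites the private source address; it has no key, so it
    # cannot recompute the integrity value.
    return dict(pkt, src=public_ip)

class PortForwardTable:
    # Static inbound mappings on a NAT that owns one public address
    # (hypothetical class for illustration).
    def __init__(self):
        self.rules = {}

    def add(self, proto, public_port, inside_host, inside_port):
        if (proto, public_port) in self.rules:
            raise ValueError(f"{proto}/{public_port} already forwarded to "
                             f"{self.rules[(proto, public_port)][0]}")
        self.rules[(proto, public_port)] = (inside_host, inside_port)

def demo():
    key = b"constructed-shared-key"  # constructed sample value
    pkt = {"src": "192.168.1.10", "dst": "198.51.100.7", "payload": b"hello"}
    pkt["icv"] = ah_icv(key, pkt["src"], pkt["dst"], pkt["payload"])
    before = receiver_accepts(key, pkt)
    after = receiver_accepts(key, nat_outbound(pkt, "203.0.113.5"))

    table = PortForwardTable()
    table.add("tcp", 80, "192.168.1.10", 80)
    try:
        table.add("tcp", 80, "192.168.1.11", 80)  # second server, same port
        second_ok = True
    except ValueError:
        second_ok = False
    table.add("tcp", 8080, "192.168.1.11", 80)    # only a different port fits
    return before, after, second_ok, table.rules[("tcp", 8080)]

if __name__ == "__main__":
    print(demo())
```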